Just look for the padlock next to the web address. This means the site is secure and encrypted. No padlock? Then I would seriously rethink buying there. Or use PayPal. They have buyer protection in case of difficulties. More on that later in the article.

Your address. Your cellphone number. Your credit card number, the card’s CVV number (the three digits on the back of the card that authenticates it), card expiry date, card’s billing address….you see what I am driving at? This stuff must be protected at all costs, otherwise someone impersonating you will be calling up your credit card company, and your bank to change the address, the password, the PIN number…..

For those of you not in the know, what is 2FA? Consider this analogy. A burglar is trying to break into a house, and after much effort at picking the lock (the account password), he succeeds. But his triumph is short-lived when he opens the door and sees a keypad on the wall in front of him. The keypad demands a code, in order for the person to pass, otherwise forget it buster. That keypad demanding a code is 2FA.

After putting in your password, your temporary 2FA code (it’s generally only available for approximately 30 seconds) comes via either a SMS message on your phone, or via a smartphone authenticator app. The most widely used one is one made by Google, called Authenticator, as well as another called Authy. Type in the 6 digits it gives you, and you are in.

Choose Your Payment Information Wisely

When it comes time to go to the checkout to pay, you need to give serious thought as to how you want to pay. If it is a big name merchant – Amazon, Barnes & Noble, Walmart, etc – then you can quite safely give them your card details. But the smaller sites….I would recommend going with Paypal.

A couple of months back, I had a HUGE dispute with a company in China who sent my wife a sub-standard knockoff of a product. They refused to refund the money, but then I filed a payment dispute with PayPal through their Buyer Protection Program. I had paid with PayPal, so I was automatically covered. PayPal diligently took my side of the story, took the company’s side of the story, and rapidly came to the conclusion that I was in the right. They immediately initiated a refund, and I got my money back within 2 business days.

So the moral of this story is – if you see a PayPal logo on the checkout page, USE IT! I know some people hate PayPal with a passion, but it has never let me down personally. Until it does, I will continue recommending it.

Credit card companies themselves obviously investigate clear cases of fraud, and will initiate chargebacks if necessary. But I have been through the PayPal process, and the credit card process in the past. To me, PayPal has seemed much faster and much more efficient.

Don’t Be So Forthcoming With Your Information

The other day, I bought a Christmas item online and it asked me the following question :

“How old are you? Letting us know your age helps us personalize your online experience”.

I’m sure you’ve seen this chestnut before. They want to know everything there is to know about you, including age, occupation, race, and what color of underpants you have on today. When I go to my local computer store, the checkout operator asks me for my zip code. When I refuse to give it to her, she throws a tizz. So I give her a zip code from hundreds of miles away, and she wonders why I came all the way from Hamburg for a USB stick.

Companies are obviously doing this to make profiles of their customers. Profiles that they can then sell on to marketing companies, who’ll sell it on to others…..suddenly that embarrassing purchase that you thought was private, comes back to bite you in the ass when you start receiving “targeted ads”

The Golden Rule here is to give companies the minimal amount of information necessary. If they ask for a phone number, give them your cellphone number. If they ask for that underwear color, tell them you’re not wearing any today.

Be Careful With The Mobile Device!

According to countless studies, mobile devices are taking over the world. People are eschewing the traditional desktop computer, and instead gravitating towards mobile devices, including phones and tablets.

Everyone can see this trend, including criminals. This means they are rapidly modifying their scams to adapt to the mobile device landscape. I mentioned at the start of the article about smishing. Well, there are others you need to worry about, apart from a dodgy looking text message. That phone knows everything about you, which makes it a target-rich environment.

Malicious apps are on the increase, which take more permissions than are needed, when you install them. Do you honestly look and think about it when the app tells you what information it’s taking?

Obviously Google is vastly different than your average underworld thief making his own malware app. I just used the Gmail example as this was the first one which came to hand. But as you can see, each app lays out exactly what they will be looking at – and the vast majority of people click the “Accept” button without even thinking about it.

Be Extra Cautious When Going To Collect In Person From Private Sellers

Finally, be extremely careful when going to pick up something from a seller in person. You might think you are smart saving those shipping fees from that Craigslist poster. But what if the “seller” happens to be an uncontrollable psychopath off his meds?

Just practise some common sense. Don’t get into a stranger’s vehicle. Don’t meet at their home or any dark alleyways. Instead, meet in a very public place, such as a shopping mall. Or a Burger King. Always tell a friend where you are going and when you are going. And ask them to check later to see if you got back OK.

To paraphrase Donald Trump, some sellers are criminals, but I’m sure the rest are good people. But you never know if you will be unlucky enough to draw the short straw and get the loonie.

What Do YOU Do To Stay Safe Online While Shopping?

I know what is going to happen now. You are all going to march to the comments section and accuse me of being paranoid. But seriously, what’s better? Being on hold to your credit card company on Christmas Day, or eating cake? I know which one I would prefer.

As KeePass is mentioned for creating complicated passwords, its also useful to combine it with other tools and automate the login process. Or just to use the built in autotype function. (Default CTRL + ALT + A)

Mark O'Neill is a freelance journalist and bibliophile, who has been getting stuff published since 1989. For 6 years, he was the Managing Editor of MakeUseOf. Now he writes, drinks too much tea, arm-wrestles with his dog, and writes some more. You can find him on Twitter and Facebook.